Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/pPBgeojpcIg3swmGzejtTN7mrhY.roa
File: pPBgeojpcIg3swmGzejtTN7mrhY.roa (raw, json)
Hash identifier: cf1Lto6U+eObMIjJJwcLiYcGXVqZlr7Ldc6e4OgTsH4=
Subject key identifier: A4:F0:60:7A:88:E9:70:88:37:B3:09:86:CD:E8:ED:4C:DE:E6:AE:16
Certificate issuer: /CN=7d6340e37ccfc12aebaac2a5f33d45ea0a887a8a
Certificate serial: 018CCA2AAEBA2873A6C0072F1A982606CBAE
Authority key identifier: 7D:63:40:E3:7C:CF:C1:2A:EB:AA:C2:A5:F3:3D:45:EA:0A:88:7A:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWNA43zPwSrrqsKl8z1F6gqIeoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/pPBgeojpcIg3swmGzejtTN7mrhY.roa
Signing time: Tue 02 Jan 2024 12:34:03 +0000
ROA not before: Tue 02 Jan 2024 12:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34803
IP address blocks: 195.166.192.0/19 maxlen: 24
185.104.220.0/22 maxlen: 24
85.115.128.0/19 maxlen: 24
2a02:638::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ae:ba:28:73:a6:c0:07:2f:1a:98:26:06:cb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d6340e37ccfc12aebaac2a5f33d45ea0a887a8a
Validity
Not Before: Jan 2 12:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4f0607a88e9708837b30986cde8ed4cdee6ae16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:1e:9d:e9:9f:19:0e:6c:14:e7:20:af:fd:
77:93:77:53:b6:72:3d:14:8c:4f:5c:f7:c2:e6:a0:
c4:ea:7b:f1:26:b9:ea:0d:b4:d0:e9:b2:f5:bf:bd:
46:e1:c0:69:a6:2a:6d:b6:bb:77:e6:0e:e7:30:94:
28:7b:36:52:46:e3:d4:fd:bf:37:02:01:d5:23:94:
a3:af:e1:8a:54:31:b3:76:5f:c4:37:20:a3:45:27:
7c:d7:c9:69:06:c6:7d:ff:f4:de:70:29:8f:1b:0e:
c6:f5:77:e2:e1:7f:0e:8c:89:9f:a6:0d:25:f8:c9:
4f:12:1d:ae:9e:d6:6f:87:59:56:2f:1a:f9:41:04:
8f:65:51:a7:d9:f2:10:df:1c:28:8d:ef:e5:dd:3b:
8f:a4:27:0d:fa:76:75:bd:df:e3:59:38:2a:ac:37:
df:03:8f:75:e0:82:8f:94:4c:2c:09:37:df:4b:1a:
3e:91:13:73:e0:69:b2:a3:ec:33:e9:8b:cf:9f:80:
9e:5b:97:7d:ce:38:fe:5c:cf:3a:8e:e6:f7:3b:a2:
52:ca:ce:65:f4:b1:11:50:17:c4:0a:65:a4:14:4c:
8e:87:24:73:1c:53:13:7e:04:11:f3:c8:f6:7d:34:
0f:cb:90:26:ad:78:15:b6:1d:c6:aa:ff:8e:4e:4b:
f5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F0:60:7A:88:E9:70:88:37:B3:09:86:CD:E8:ED:4C:DE:E6:AE:16
X509v3 Authority Key Identifier:
keyid:7D:63:40:E3:7C:CF:C1:2A:EB:AA:C2:A5:F3:3D:45:EA:0A:88:7A:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWNA43zPwSrrqsKl8z1F6gqIeoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/pPBgeojpcIg3swmGzejtTN7mrhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b1ce34-e043-45a8-bebd-8982b7a8f614/1/fWNA43zPwSrrqsKl8z1F6gqIeoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.128.0/19
185.104.220.0/22
195.166.192.0/19
IPv6:
2a02:638::/32
Signature Algorithm: sha256WithRSAEncryption
23:83:4c:99:65:93:49:af:4c:7b:d2:50:bd:3d:5f:46:98:44:
fc:db:a0:cc:7e:c0:3f:56:6d:34:2c:d7:a9:da:3e:d6:ce:52:
07:a3:f4:f1:48:ab:fd:78:01:2c:32:02:d5:22:06:fd:99:4f:
8f:13:f3:24:db:d6:55:9c:be:e3:b4:ef:b1:f2:72:f9:82:bd:
04:85:5e:58:9c:87:9d:33:60:d6:1b:ce:99:8e:bb:40:88:65:
d1:90:a4:e3:d6:60:93:00:bc:70:b7:06:c4:93:24:6a:fd:d8:
e3:4d:34:32:e1:22:d5:e5:6a:22:f9:a6:1e:fc:4e:85:b4:f0:
19:13:ae:5f:45:b2:46:af:59:d1:37:c8:48:f7:bf:4b:62:3c:
80:0d:ed:87:97:4e:02:fc:a6:66:05:63:c8:88:1d:88:d4:b9:
88:86:f2:94:84:99:cc:00:8d:df:bd:d1:19:2d:2e:6d:fa:96:
fc:98:9e:53:56:b6:ab:2e:7e:ed:bb:63:73:12:df:1a:6c:68:
21:62:79:4c:17:42:a4:79:bb:e6:e4:5f:e3:92:c1:05:a3:33:
58:14:ce:75:b6:52:b4:f5:b8:78:51:39:2f:69:44:a3:ac:ac:
ba:b3:a8:0f:e7:50:4f:7a:82:86:a7:d0:dc:e0:6e:04:e8:b5:
07:18:4a:62
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKq66KHOmwAcvGpgmBsuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjM0MGUzN2NjZmMxMmFlYmFhYzJhNWYzM2Q0NWVhMGE4
ODdhOGEwHhcNMjQwMTAyMTIzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYwNjA3YTg4ZTk3MDg4MzdiMzA5ODZjZGU4ZWQ0Y2RlZTZhZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttwenemfGQ5sFOcgr/13k3dTtnI9
FIxPXPfC5qDE6nvxJrnqDbTQ6bL1v71G4cBppipttrt35g7nMJQoezZSRuPU/b83
AgHVI5Sjr+GKVDGzdl/ENyCjRSd818lpBsZ9//TecCmPGw7G9Xfi4X8OjImfpg0l
+MlPEh2untZvh1lWLxr5QQSPZVGn2fIQ3xwoje/l3TuPpCcN+nZ1vd/jWTgqrDff
A4914IKPlEwsCTffSxo+kRNz4Gmyo+wz6YvPn4CeW5d9zjj+XM86jub3O6JSys5l
9LERUBfECmWkFEyOhyRzHFMTfgQR88j2fTQPy5AmrXgVth3Gqv+OTkv1fQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKTwYHqI6XCIN7MJhs3o7Uze5q4WMB8GA1UdIwQY
MBaAFH1jQON8z8Eq66rCpfM9ReoKiHqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldOQTQzelB3U3JycXNLbDh6MUY2Z3FJZW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iMWNlMzQtZTA0My00NWE4LWJlYmQt
ODk4MmI3YThmNjE0LzEvcFBCZ2VvanBjSWczc3dtR3planRUTjdtcmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iMWNlMzQtZTA0My00NWE4LWJlYmQtODk4MmI3YThmNjE0
LzEvZldOQTQzelB3U3JycXNLbDh6MUY2Z3FJZW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVXOAAwQC
uWjcAwQFw6bAMA0EAgACMAcDBQAqAgY4MA0GCSqGSIb3DQEBCwUAA4IBAQAjg0yZ
ZZNJr0x70lC9PV9GmET826DMfsA/Vm00LNep2j7WzlIHo/TxSKv9eAEsMgLVIgb9
mU+PE/Mk29ZVnL7jtO+x8nL5gr0EhV5YnIedM2DWG86ZjrtAiGXRkKTj1mCTALxw
twbEkyRq/djjTTQy4SLV5Woi+aYe/E6FtPAZE65fRbJGr1nRN8hI979LYjyADe2H
l04C/KZmBWPIiB2I1LmIhvKUhJnMAI3fvdEZLS5t+pb8mJ5TVrarLn7tu2NzEt8a
bGghYnlMF0Kkebvm5F/jksEFozNYFM51tlK09bh4UTkvaUSjrKy6s6gP51BPeoKG
p9Dc4G4E6LUHGEpi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:02 2025 by rpki-client